Project import generated by Copybara.
GitOrigin-RevId: 6ef4f522d63f22b40004319778761040d3197390
This commit is contained in:
parent
3ec2fa6bfd
commit
48d4c8cc3c
433 changed files with 6743 additions and 3783 deletions
|
@ -772,7 +772,7 @@ nameValuePair "some" 6
|
|||
<title>Modifying each value of an attribute set</title>
|
||||
<programlisting><![CDATA[
|
||||
lib.attrsets.mapAttrs
|
||||
(name: value: name + "-" value)
|
||||
(name: value: name + "-" + value)
|
||||
{ x = "foo"; y = "bar"; }
|
||||
=> { x = "x-foo"; y = "y-bar"; }
|
||||
]]></programlisting>
|
||||
|
|
|
@ -390,6 +390,12 @@
|
|||
githubId = 1318982;
|
||||
name = "Anders Claesson";
|
||||
};
|
||||
akho = {
|
||||
name = "Alexander Khodyrev";
|
||||
email = "a@akho.name";
|
||||
github = "akho";
|
||||
githubId = 104951;
|
||||
};
|
||||
akru = {
|
||||
email = "mail@akru.me";
|
||||
github = "akru";
|
||||
|
@ -2283,6 +2289,12 @@
|
|||
fingerprint = "1C4E F4FE 7F8E D8B7 1E88 CCDF BAB1 D15F B7B4 D4CE";
|
||||
}];
|
||||
};
|
||||
d-xo = {
|
||||
email = "hi@d-xo.org";
|
||||
github = "d-xo";
|
||||
githubId = 6689924;
|
||||
name = "David Terry";
|
||||
};
|
||||
dadada = {
|
||||
name = "dadada";
|
||||
email = "dadada@dadada.li";
|
||||
|
@ -3237,6 +3249,12 @@
|
|||
fingerprint = "2D37 1AD2 7E2B BC77 97E1 B759 6C79 278F 3FCD CC02";
|
||||
}];
|
||||
};
|
||||
ereslibre = {
|
||||
email = "ereslibre@ereslibre.es";
|
||||
github = "ereslibre";
|
||||
githubId = 8706;
|
||||
name = "Rafael Fernández López";
|
||||
};
|
||||
ericbmerritt = {
|
||||
email = "eric@afiniate.com";
|
||||
github = "ericbmerritt";
|
||||
|
@ -8562,6 +8580,12 @@
|
|||
github = "polygon";
|
||||
githubId = 51489;
|
||||
};
|
||||
polykernel = {
|
||||
email = "81340136+polykernel@users.noreply.github.com";
|
||||
github = "polykernel";
|
||||
githubId = 81340136;
|
||||
name = "polykernel";
|
||||
};
|
||||
polyrod = {
|
||||
email = "dc1mdp@gmail.com";
|
||||
github = "polyrod";
|
||||
|
@ -11698,12 +11722,6 @@
|
|||
githubId = 1962985;
|
||||
name = "Vincenzo Mantova";
|
||||
};
|
||||
xwvvvvwx = {
|
||||
email = "davidterry@posteo.de";
|
||||
github = "xwvvvvwx";
|
||||
githubId = 6689924;
|
||||
name = "David Terry";
|
||||
};
|
||||
xzfc = {
|
||||
email = "xzfcpw@gmail.com";
|
||||
github = "xzfc";
|
||||
|
|
|
@ -5,7 +5,7 @@ when developing or debugging a test:
|
|||
|
||||
```ShellSession
|
||||
$ nix-build nixos/tests/login.nix -A driverInteractive
|
||||
$ ./result/bin/nixos-test-driver
|
||||
$ ./result/bin/nixos-test-driver --interactive
|
||||
starting VDE switch for network 1
|
||||
>
|
||||
```
|
||||
|
@ -24,20 +24,11 @@ back into the test driver command line upon its completion. This allows
|
|||
you to inspect the state of the VMs after the test (e.g. to debug the
|
||||
test script).
|
||||
|
||||
To just start and experiment with the VMs, run:
|
||||
|
||||
```ShellSession
|
||||
$ nix-build nixos/tests/login.nix -A driverInteractive
|
||||
$ ./result/bin/nixos-run-vms
|
||||
```
|
||||
|
||||
The script `nixos-run-vms` starts the virtual machines defined by test.
|
||||
|
||||
You can re-use the VM states coming from a previous run by setting the
|
||||
`--keep-vm-state` flag.
|
||||
|
||||
```ShellSession
|
||||
$ ./result/bin/nixos-run-vms --keep-vm-state
|
||||
$ ./result/bin/nixos-test-driver --interactive --keep-vm-state
|
||||
```
|
||||
|
||||
The machine state is stored in the `$TMPDIR/vm-state-machinename`
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
</para>
|
||||
<programlisting>
|
||||
$ nix-build nixos/tests/login.nix -A driverInteractive
|
||||
$ ./result/bin/nixos-test-driver
|
||||
$ ./result/bin/nixos-test-driver --interactive
|
||||
starting VDE switch for network 1
|
||||
>
|
||||
</programlisting>
|
||||
|
@ -25,23 +25,12 @@ starting VDE switch for network 1
|
|||
completion. This allows you to inspect the state of the VMs after
|
||||
the test (e.g. to debug the test script).
|
||||
</para>
|
||||
<para>
|
||||
To just start and experiment with the VMs, run:
|
||||
</para>
|
||||
<programlisting>
|
||||
$ nix-build nixos/tests/login.nix -A driverInteractive
|
||||
$ ./result/bin/nixos-run-vms
|
||||
</programlisting>
|
||||
<para>
|
||||
The script <literal>nixos-run-vms</literal> starts the virtual
|
||||
machines defined by test.
|
||||
</para>
|
||||
<para>
|
||||
You can re-use the VM states coming from a previous run by setting
|
||||
the <literal>--keep-vm-state</literal> flag.
|
||||
</para>
|
||||
<programlisting>
|
||||
$ ./result/bin/nixos-run-vms --keep-vm-state
|
||||
$ ./result/bin/nixos-test-driver --interactive --keep-vm-state
|
||||
</programlisting>
|
||||
<para>
|
||||
The machine state is stored in the
|
||||
|
|
|
@ -646,6 +646,32 @@
|
|||
to use wildcards in the <literal>source</literal> argument.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>openrazer</literal> and
|
||||
<literal>openrazer-daemon</literal> packages as well as the
|
||||
<literal>hardware.openrazer</literal> module now require users
|
||||
to be members of the <literal>openrazer</literal> group
|
||||
instead of <literal>plugdev</literal>. With this change, users
|
||||
no longer need be granted the entire set of
|
||||
<literal>plugdev</literal> group permissions, which can
|
||||
include permissions other than those required by
|
||||
<literal>openrazer</literal>. This is desirable from a
|
||||
security point of view. The setting
|
||||
<link xlink:href="options.html#opt-services.hardware.openrazer.users"><literal>harware.openrazer.users</literal></link>
|
||||
can be used to add users to the <literal>openrazer</literal>
|
||||
group.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>yambar</literal> package has been split into
|
||||
<literal>yambar</literal> and
|
||||
<literal>yambar-wayland</literal>, corresponding to the xorg
|
||||
and wayland backend respectively. Please switch to
|
||||
<literal>yambar-wayland</literal> if you are on wayland.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
<section xml:id="sec-release-21.11-notable-changes">
|
||||
|
@ -815,6 +841,15 @@
|
|||
version of zfs.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Nginx will use the value of
|
||||
<literal>sslTrustedCertificate</literal> if provided for a
|
||||
virtual host, even if <literal>enableACME</literal> is set.
|
||||
This is useful for providers not using the same certificate to
|
||||
sign OCSP responses and server certificates.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
</section>
|
||||
|
|
|
@ -164,6 +164,10 @@ pt-services.clipcat.enable).
|
|||
|
||||
- `programs.neovim.runtime` switched to a `linkFarm` internally, making it impossible to use wildcards in the `source` argument.
|
||||
|
||||
- The `openrazer` and `openrazer-daemon` packages as well as the `hardware.openrazer` module now require users to be members of the `openrazer` group instead of `plugdev`. With this change, users no longer need be granted the entire set of `plugdev` group permissions, which can include permissions other than those required by `openrazer`. This is desirable from a security point of view. The setting [`harware.openrazer.users`](options.html#opt-services.hardware.openrazer.users) can be used to add users to the `openrazer` group.
|
||||
|
||||
- The `yambar` package has been split into `yambar` and `yambar-wayland`, corresponding to the xorg and wayland backend respectively. Please switch to `yambar-wayland` if you are on wayland.
|
||||
|
||||
## Other Notable Changes {#sec-release-21.11-notable-changes}
|
||||
|
||||
- The setting [`services.openssh.logLevel`](options.html#opt-services.openssh.logLevel) `"VERBOSE"` `"INFO"`. This brings NixOS in line with upstream and other Linux distributions, and reduces log spam on servers due to bruteforcing botnets.
|
||||
|
@ -209,3 +213,5 @@ pt-services.clipcat.enable).
|
|||
- The [services.syncoid.enable](options.html#opt-services.syncoid.enable) module now properly drops ZFS permissions after usage. Before it delegated permissions to whole pools instead of datasets and didn't clean up after execution. You can manually look this up for your pools by running `zfs allow your-pool-name` and use `zfs unallow syncoid your-pool-name` to clean this up.
|
||||
|
||||
- Zfs: `latestCompatibleLinuxPackages` is now exported on the zfs package. One can use `boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;` to always track the latest compatible kernel with a given version of zfs.
|
||||
|
||||
- Nginx will use the value of `sslTrustedCertificate` if provided for a virtual host, even if `enableACME` is set. This is useful for providers not using the same certificate to sign OCSP responses and server certificates.
|
||||
|
|
101
third_party/nixpkgs/nixos/lib/test-driver/test-driver.py
vendored
Normal file → Executable file
101
third_party/nixpkgs/nixos/lib/test-driver/test-driver.py
vendored
Normal file → Executable file
|
@ -24,7 +24,6 @@ import sys
|
|||
import telnetlib
|
||||
import tempfile
|
||||
import time
|
||||
import traceback
|
||||
import unicodedata
|
||||
|
||||
CHAR_TO_KEY = {
|
||||
|
@ -930,29 +929,16 @@ def join_all() -> None:
|
|||
machine.wait_for_shutdown()
|
||||
|
||||
|
||||
def test_script() -> None:
|
||||
exec(os.environ["testScript"])
|
||||
|
||||
|
||||
def run_tests() -> None:
|
||||
def run_tests(interactive: bool = False) -> None:
|
||||
global machines
|
||||
tests = os.environ.get("tests", None)
|
||||
if tests is not None:
|
||||
with log.nested("running the VM test script"):
|
||||
try:
|
||||
exec(tests, globals())
|
||||
except Exception as e:
|
||||
eprint("error: ")
|
||||
traceback.print_exc()
|
||||
sys.exit(1)
|
||||
if interactive:
|
||||
ptpython.repl.embed(globals(), locals())
|
||||
else:
|
||||
ptpython.repl.embed(locals(), globals())
|
||||
|
||||
# TODO: Collect coverage data
|
||||
|
||||
for machine in machines:
|
||||
if machine.is_up():
|
||||
machine.execute("sync")
|
||||
test_script()
|
||||
# TODO: Collect coverage data
|
||||
for machine in machines:
|
||||
if machine.is_up():
|
||||
machine.execute("sync")
|
||||
|
||||
|
||||
def serial_stdout_on() -> None:
|
||||
|
@ -965,6 +951,31 @@ def serial_stdout_off() -> None:
|
|||
log._print_serial_logs = False
|
||||
|
||||
|
||||
class EnvDefault(argparse.Action):
|
||||
"""An argpars Action that takes values from the specified
|
||||
environment variable as the flags default value.
|
||||
"""
|
||||
|
||||
def __init__(self, envvar, required=False, default=None, nargs=None, **kwargs): # type: ignore
|
||||
if not default and envvar:
|
||||
if envvar in os.environ:
|
||||
if nargs is not None and (nargs.isdigit() or nargs in ["*", "+"]):
|
||||
default = os.environ[envvar].split()
|
||||
else:
|
||||
default = os.environ[envvar]
|
||||
kwargs["help"] = (
|
||||
kwargs["help"] + f" (default from environment: {default})"
|
||||
)
|
||||
if required and default:
|
||||
required = False
|
||||
super(EnvDefault, self).__init__(
|
||||
default=default, required=required, nargs=nargs, **kwargs
|
||||
)
|
||||
|
||||
def __call__(self, parser, namespace, values, option_string=None): # type: ignore
|
||||
setattr(namespace, self.dest, values)
|
||||
|
||||
|
||||
@contextmanager
|
||||
def subtest(name: str) -> Iterator[None]:
|
||||
with log.nested(name):
|
||||
|
@ -986,18 +997,52 @@ if __name__ == "__main__":
|
|||
help="re-use a VM state coming from a previous run",
|
||||
action="store_true",
|
||||
)
|
||||
(cli_args, vm_scripts) = arg_parser.parse_known_args()
|
||||
arg_parser.add_argument(
|
||||
"-I",
|
||||
"--interactive",
|
||||
help="drop into a python repl and run the tests interactively",
|
||||
action="store_true",
|
||||
)
|
||||
arg_parser.add_argument(
|
||||
"--start-scripts",
|
||||
metavar="START-SCRIPT",
|
||||
action=EnvDefault,
|
||||
envvar="startScripts",
|
||||
nargs="*",
|
||||
help="start scripts for participating virtual machines",
|
||||
)
|
||||
arg_parser.add_argument(
|
||||
"--vlans",
|
||||
metavar="VLAN",
|
||||
action=EnvDefault,
|
||||
envvar="vlans",
|
||||
nargs="*",
|
||||
help="vlans to span by the driver",
|
||||
)
|
||||
arg_parser.add_argument(
|
||||
"testscript",
|
||||
action=EnvDefault,
|
||||
envvar="testScript",
|
||||
help="the test script to run",
|
||||
type=pathlib.Path,
|
||||
)
|
||||
|
||||
args = arg_parser.parse_args()
|
||||
global test_script
|
||||
|
||||
def test_script() -> None:
|
||||
with log.nested("running the VM test script"):
|
||||
exec(pathlib.Path(args.testscript).read_text(), globals())
|
||||
|
||||
log = Logger()
|
||||
|
||||
vlan_nrs = list(dict.fromkeys(os.environ.get("VLANS", "").split()))
|
||||
vde_sockets = [create_vlan(v) for v in vlan_nrs]
|
||||
vde_sockets = [create_vlan(v) for v in args.vlans]
|
||||
for nr, vde_socket, _, _ in vde_sockets:
|
||||
os.environ["QEMU_VDE_SOCKET_{}".format(nr)] = vde_socket
|
||||
|
||||
machines = [
|
||||
create_machine({"startCommand": s, "keepVmState": cli_args.keep_vm_state})
|
||||
for s in vm_scripts
|
||||
create_machine({"startCommand": s, "keepVmState": args.keep_vm_state})
|
||||
for s in args.start_scripts
|
||||
]
|
||||
machine_eval = [
|
||||
"{0} = machines[{1}]".format(m.name, idx) for idx, m in enumerate(machines)
|
||||
|
@ -1017,6 +1062,6 @@ if __name__ == "__main__":
|
|||
log.close()
|
||||
|
||||
tic = time.time()
|
||||
run_tests()
|
||||
run_tests(args.interactive)
|
||||
toc = time.time()
|
||||
print("test script finished in {:.2f}s".format(toc - tic))
|
||||
|
|
23
third_party/nixpkgs/nixos/lib/testing-python.nix
vendored
23
third_party/nixpkgs/nixos/lib/testing-python.nix
vendored
|
@ -83,7 +83,10 @@ rec {
|
|||
''
|
||||
mkdir -p $out
|
||||
|
||||
LOGFILE=/dev/null tests='exec(os.environ["testScript"])' ${driver}/bin/nixos-test-driver
|
||||
# effectively mute the XMLLogger
|
||||
export LOGFILE=/dev/null
|
||||
|
||||
${driver}/bin/nixos-test-driver
|
||||
'';
|
||||
|
||||
passthru = driver.passthru // {
|
||||
|
@ -166,7 +169,10 @@ rec {
|
|||
''
|
||||
mkdir -p $out/bin
|
||||
|
||||
vmStartScripts=($(for i in ${toString vms}; do echo $i/bin/run-*-vm; done))
|
||||
echo -n "$testScript" > $out/test-script
|
||||
ln -s ${testDriver}/bin/nixos-test-driver $out/bin/nixos-test-driver
|
||||
|
||||
${lib.optionalString (!skipLint) ''
|
||||
PYFLAKES_BUILTINS="$(
|
||||
echo -n ${lib.escapeShellArg (lib.concatStringsSep "," nodeHostNames)},
|
||||
|
@ -174,17 +180,12 @@ rec {
|
|||
)" ${python3Packages.pyflakes}/bin/pyflakes $out/test-script
|
||||
''}
|
||||
|
||||
ln -s ${testDriver}/bin/nixos-test-driver $out/bin/
|
||||
vms=($(for i in ${toString vms}; do echo $i/bin/run-*-vm; done))
|
||||
# set defaults through environment
|
||||
# see: ./test-driver/test-driver.py argparse implementation
|
||||
wrapProgram $out/bin/nixos-test-driver \
|
||||
--add-flags "''${vms[*]}" \
|
||||
--run "export testScript=\"\$(${coreutils}/bin/cat $out/test-script)\"" \
|
||||
--set VLANS '${toString vlans}'
|
||||
ln -s ${testDriver}/bin/nixos-test-driver $out/bin/nixos-run-vms
|
||||
wrapProgram $out/bin/nixos-run-vms \
|
||||
--add-flags "''${vms[*]}" \
|
||||
--set tests 'start_all(); join_all();' \
|
||||
--set VLANS '${toString vlans}'
|
||||
--set startScripts "''${vmStartScripts[*]}" \
|
||||
--set testScript "$out/test-script" \
|
||||
--set vlans '${toString vlans}'
|
||||
'');
|
||||
|
||||
# Make a full-blown test
|
||||
|
|
|
@ -49,7 +49,9 @@ in
|
|||
{
|
||||
options = {
|
||||
hardware.openrazer = {
|
||||
enable = mkEnableOption "OpenRazer drivers and userspace daemon";
|
||||
enable = mkEnableOption ''
|
||||
OpenRazer drivers and userspace daemon.
|
||||
'';
|
||||
|
||||
verboseLogging = mkOption {
|
||||
type = types.bool;
|
||||
|
@ -92,6 +94,15 @@ in
|
|||
generate a heatmap.
|
||||
'';
|
||||
};
|
||||
|
||||
users = mkOption {
|
||||
type = with types; listOf str;
|
||||
default = [];
|
||||
description = ''
|
||||
Usernames to be added to the "openrazer" group, so that they
|
||||
can start and interact with the OpenRazer userspace daemon.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -106,10 +117,12 @@ in
|
|||
services.udev.packages = [ kernelPackages.openrazer ];
|
||||
services.dbus.packages = [ dbusServiceFile ];
|
||||
|
||||
# A user must be a member of the plugdev group in order to start
|
||||
# the openrazer-daemon. Therefore we make sure that the plugdev
|
||||
# group exists.
|
||||
users.groups.plugdev = {};
|
||||
# A user must be a member of the openrazer group in order to start
|
||||
# the openrazer-daemon. Therefore we make sure that the group
|
||||
# exists.
|
||||
users.groups.openrazer = {
|
||||
members = cfg.users;
|
||||
};
|
||||
|
||||
systemd.user.services.openrazer-daemon = {
|
||||
description = "Daemon to manage razer devices in userspace";
|
||||
|
|
|
@ -179,28 +179,41 @@ in
|
|||
You cannot configure both an Intel iGPU and an AMD APU. Pick the one corresponding to your processor.
|
||||
'';
|
||||
}
|
||||
|
||||
{
|
||||
assertion = primeEnabled -> pCfg.nvidiaBusId != "" && (pCfg.intelBusId != "" || pCfg.amdgpuBusId != "");
|
||||
message = ''
|
||||
When NVIDIA PRIME is enabled, the GPU bus IDs must configured.
|
||||
'';
|
||||
}
|
||||
|
||||
{
|
||||
assertion = offloadCfg.enable -> versionAtLeast nvidia_x11.version "435.21";
|
||||
message = "NVIDIA PRIME render offload is currently only supported on versions >= 435.21.";
|
||||
}
|
||||
|
||||
{
|
||||
assertion = !(syncCfg.enable && offloadCfg.enable);
|
||||
message = "Only one NVIDIA PRIME solution may be used at a time.";
|
||||
}
|
||||
|
||||
{
|
||||
assertion = !(syncCfg.enable && cfg.powerManagement.finegrained);
|
||||
message = "Sync precludes powering down the NVIDIA GPU.";
|
||||
}
|
||||
|
||||
{
|
||||
assertion = cfg.powerManagement.enable -> offloadCfg.enable;
|
||||
message = "Fine-grained power management requires offload to be enabled.";
|
||||
}
|
||||
|
||||
{
|
||||
assertion = cfg.powerManagement.enable -> (
|
||||
builtins.pathExists (cfg.package.out + "/bin/nvidia-sleep.sh") &&
|
||||
builtins.pathExists (cfg.package.out + "/lib/systemd/system-sleep/nvidia")
|
||||
);
|
||||
message = "Required files for driver based power management don't exist.";
|
||||
}
|
||||
];
|
||||
|
||||
# If Optimus/PRIME is enabled, we:
|
||||
|
|
|
@ -14,7 +14,7 @@ let
|
|||
''
|
||||
#! ${pkgs.runtimeShell} -e
|
||||
export DISPLAY="$(systemctl --user show-environment | ${pkgs.gnused}/bin/sed 's/^DISPLAY=\(.*\)/\1/; t; d')"
|
||||
exec ${askPassword}
|
||||
exec ${askPassword} "$@"
|
||||
'';
|
||||
|
||||
knownHosts = map (h: getAttr h cfg.knownHosts) (attrNames cfg.knownHosts);
|
||||
|
|
|
@ -10,8 +10,5 @@ in {
|
|||
|
||||
config = mkIf cfg.enable {
|
||||
security.wrappers.udevil.source = "${lib.getBin pkgs.udevil}/bin/udevil";
|
||||
|
||||
systemd.packages = [ pkgs.udevil ];
|
||||
systemd.services."devmon@".wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -21,15 +21,51 @@ let
|
|||
# The Group can vary depending on what the user has specified in
|
||||
# security.acme.certs.<cert>.group on some of the services.
|
||||
commonServiceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "acme";
|
||||
Group = mkDefault "acme";
|
||||
UMask = 0022;
|
||||
StateDirectoryMode = 750;
|
||||
ProtectSystem = "full";
|
||||
PrivateTmp = true;
|
||||
Type = "oneshot";
|
||||
User = "acme";
|
||||
Group = mkDefault "acme";
|
||||
UMask = 0022;
|
||||
StateDirectoryMode = 750;
|
||||
ProtectSystem = "strict";
|
||||
ReadWritePaths = [
|
||||
"/var/lib/acme"
|
||||
];
|
||||
PrivateTmp = true;
|
||||
|
||||
WorkingDirectory = "/tmp";
|
||||
WorkingDirectory = "/tmp";
|
||||
|
||||
CapabilityBoundingSet = [ "" ];
|
||||
DevicePolicy = "closed";
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
ProtectClock = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectProc = "invisible";
|
||||
ProcSubset = "pid";
|
||||
RemoveIPC = true;
|
||||
RestrictAddressFamilies = [
|
||||
"AF_INET"
|
||||
"AF_INET6"
|
||||
];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [
|
||||
# 1. allow a reasonable set of syscalls
|
||||
"@system-service"
|
||||
# 2. and deny unreasonable ones
|
||||
"~@privileged @resources"
|
||||
# 3. then allow the required subset within denied groups
|
||||
"@chown"
|
||||
];
|
||||
};
|
||||
|
||||
# In order to avoid race conditions creating the CA for selfsigned certs,
|
||||
|
|
|
@ -96,8 +96,10 @@ in
|
|||
users.users.polkituser = {
|
||||
description = "PolKit daemon";
|
||||
uid = config.ids.uids.polkituser;
|
||||
group = "polkituser";
|
||||
};
|
||||
|
||||
users.groups.polkituser = {};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -53,6 +53,14 @@ let cfg = config.services.victoriametrics; in
|
|||
-retentionPeriod ${toString cfg.retentionPeriod} \
|
||||
${lib.escapeShellArgs cfg.extraOptions}
|
||||
'';
|
||||
# victoriametrics 1.59 with ~7GB of data seems to eventually panic when merging files and then
|
||||
# begins restart-looping forever. Set LimitNOFILE= to a large number to work around this issue.
|
||||
#
|
||||
# panic: FATAL: unrecoverable error when merging small parts in the partition "/var/lib/victoriametrics/data/small/2021_08":
|
||||
# cannot open source part for merging: cannot open values file in stream mode:
|
||||
# cannot open file "/var/lib/victoriametrics/data/small/2021_08/[...]/values.bin":
|
||||
# open /var/lib/victoriametrics/data/small/2021_08/[...]/values.bin: too many open files
|
||||
LimitNOFILE = 1048576;
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
|
|
|
@ -27,6 +27,12 @@
|
|||
"msbc-alt1-rtl"
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "BAA 100",
|
||||
"no-features": [
|
||||
"hw-volume"
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "JBL Endurance RUN BT",
|
||||
"no-features": [
|
||||
|
@ -190,6 +196,35 @@
|
|||
"msbc-alt1"
|
||||
]
|
||||
},
|
||||
{
|
||||
"sysname": "Linux",
|
||||
"release": "~^5\\.12\\.(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17)($|[^0-9])"
|
||||
},
|
||||
{
|
||||
"sysname": "Linux",
|
||||
"release": "~^5\\.12\\.",
|
||||
"no-features": [
|
||||
"msbc-alt1"
|
||||
]
|
||||
},
|
||||
{
|
||||
"sysname": "Linux",
|
||||
"release": "~^5\\.13\\.(1|2)($|[^0-9])"
|
||||
},
|
||||
{
|
||||
"sysname": "Linux",
|
||||
"release": "~^5\\.13\\.",
|
||||
"no-features": [
|
||||
"msbc-alt1"
|
||||
]
|
||||
},
|
||||
{
|
||||
"sysname": "Linux",
|
||||
"release": "~^5\\.14\\.",
|
||||
"no-features": [
|
||||
"msbc-alt1"
|
||||
]
|
||||
},
|
||||
{
|
||||
"no-features": []
|
||||
}
|
||||
|
|
|
@ -24,5 +24,15 @@
|
|||
"name": "libpipewire-module-metadata"
|
||||
}
|
||||
],
|
||||
"jack.properties": {}
|
||||
"jack.properties": {},
|
||||
"jack.rules": [
|
||||
{
|
||||
"matches": [
|
||||
{}
|
||||
],
|
||||
"actions": {
|
||||
"update-props": {}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
|
@ -59,6 +59,7 @@
|
|||
"with-pulseaudio": [
|
||||
"with-audio",
|
||||
"bluez5",
|
||||
"bluez5-autoswitch",
|
||||
"logind",
|
||||
"restore-stream",
|
||||
"streams-follow-default"
|
||||
|
|
|
@ -220,7 +220,7 @@ with lib;
|
|||
after = [ "network.target" ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -p /var/spool/nullmailer/{queue,tmp}
|
||||
mkdir -p /var/spool/nullmailer/{queue,tmp,failed}
|
||||
rm -f /var/spool/nullmailer/trigger && mkfifo -m 660 /var/spool/nullmailer/trigger
|
||||
'';
|
||||
|
||||
|
|
|
@ -522,6 +522,9 @@ in
|
|||
(umask 027; gitea_setup)
|
||||
''}
|
||||
|
||||
# run migrations/init the database
|
||||
${gitea}/bin/gitea migrate
|
||||
|
||||
# update all hooks' binary paths
|
||||
${gitea}/bin/gitea admin regenerate hooks
|
||||
|
||||
|
|
|
@ -312,6 +312,31 @@ in
|
|||
AmbientCapabilities = lib.mkIf (cfg.server.port < 1024) [ "CAP_NET_BIND_SERVICE" ];
|
||||
Restart = "on-failure";
|
||||
RestartSec = "5s";
|
||||
# Hardening
|
||||
CapabilityBoundingSet = if (cfg.server.port < 1024) then [ "CAP_NET_BIND_SERVICE" ] else [ "" ];
|
||||
DeviceAllow = [ "" ];
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
PrivateDevices = true;
|
||||
# A private user cannot have process capabilities on the host's user
|
||||
# namespace and thus CAP_NET_BIND_SERVICE has no effect.
|
||||
PrivateUsers = (cfg.server.port >= 1024);
|
||||
ProcSubset = "pid";
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectProc = "invisible";
|
||||
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];
|
||||
UMask = "0077";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -9,6 +9,7 @@ with lib;
|
|||
default = false;
|
||||
description = ''
|
||||
This option enables Mullvad VPN daemon.
|
||||
This sets <option>networking.firewall.checkReversePath</option> to "loose", which might be undesirable for security.
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -18,6 +19,9 @@ with lib;
|
|||
# mullvad-daemon writes to /etc/iproute2/rt_tables
|
||||
networking.iproute2.enable = true;
|
||||
|
||||
# See https://github.com/NixOS/nixpkgs/issues/113589
|
||||
networking.firewall.checkReversePath = "loose";
|
||||
|
||||
systemd.services.mullvad-daemon = {
|
||||
description = "Mullvad VPN daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
@ -42,5 +46,5 @@ with lib;
|
|||
};
|
||||
};
|
||||
|
||||
meta.maintainers = [ maintainers.xfix ];
|
||||
meta.maintainers = with maintainers; [ ymarkus ];
|
||||
}
|
||||
|
|
|
@ -81,17 +81,26 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
initstepslew = mkOption {
|
||||
type = types.attrsOf (types.either types.bool types.int);
|
||||
default = {
|
||||
enabled = true;
|
||||
threshold = 1000; # by default, same threshold as 'ntpd -g' (1000s)
|
||||
initstepslew = {
|
||||
enabled = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Allow chronyd to make a rapid measurement of the system clock error
|
||||
at boot time, and to correct the system clock by stepping before
|
||||
normal operation begins.
|
||||
'';
|
||||
};
|
||||
|
||||
threshold = mkOption {
|
||||
type = types.either types.float types.int;
|
||||
default = 1000; # by default, same threshold as 'ntpd -g' (1000s)
|
||||
description = ''
|
||||
The threshold of system clock error (in seconds) above which the
|
||||
clock will be stepped. If the correction required is less than the
|
||||
threshold, a slew is used instead.
|
||||
'';
|
||||
};
|
||||
description = ''
|
||||
Allow chronyd to make a rapid measurement of the system clock error at
|
||||
boot time, and to correct the system clock by stepping before normal
|
||||
operation begins.
|
||||
'';
|
||||
};
|
||||
|
||||
directory = mkOption {
|
||||
|
|
|
@ -427,9 +427,12 @@ in
|
|||
nameValuePair ("tinc.${network}") ({
|
||||
description = "Tinc daemon user for ${network}";
|
||||
isSystemUser = true;
|
||||
group = "tinc.${network}";
|
||||
})
|
||||
);
|
||||
|
||||
users.groups = flip mapAttrs' cfg.networks (network: _:
|
||||
nameValuePair "tinc.${network}" {}
|
||||
);
|
||||
};
|
||||
|
||||
meta.maintainers = with maintainers; [ minijackson ];
|
||||
|
|
|
@ -173,6 +173,41 @@ in
|
|||
User = "unifi";
|
||||
UMask = "0077";
|
||||
WorkingDirectory = "${stateDir}";
|
||||
|
||||
# Hardening
|
||||
AmbientCapabilities = "";
|
||||
CapabilityBoundingSet = "";
|
||||
# ProtectClock= adds DeviceAllow=char-rtc r
|
||||
DeviceAllow = "";
|
||||
DevicePolicy = "closed";
|
||||
LockPersonality = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
PrivateMounts = true;
|
||||
PrivateTmp = true;
|
||||
PrivateUsers = true;
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectSystem = "strict";
|
||||
RemoveIPC = true;
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallErrorNumber = "EPERM";
|
||||
SystemCallFilter = [ "@system-service" ];
|
||||
|
||||
# Required for ProtectSystem=strict
|
||||
BindPaths = [ stateDir ];
|
||||
|
||||
# Needs network access
|
||||
PrivateNetwork = false;
|
||||
# Cannot be true due to OpenJDK
|
||||
MemoryDenyWriteExecute = false;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -31,6 +31,20 @@ in
|
|||
|
||||
services.wakeonlan.interfaces = mkOption {
|
||||
default = [ ];
|
||||
type = types.listOf (types.submodule { options = {
|
||||
interface = mkOption {
|
||||
type = types.str;
|
||||
description = "Interface to enable for Wake-On-Lan.";
|
||||
};
|
||||
method = mkOption {
|
||||
type = types.enum [ "magicpacket" "password"];
|
||||
description = "Wake-On-Lan method for this interface.";
|
||||
};
|
||||
password = mkOption {
|
||||
type = types.strMatching "[a-fA-F0-9]{2}:([a-fA-F0-9]{2}:){4}[a-fA-F0-9]{2}";
|
||||
description = "The password has the shape of six bytes in hexadecimal separated by a colon each.";
|
||||
};
|
||||
};});
|
||||
example = [
|
||||
{
|
||||
interface = "eth0";
|
||||
|
|
|
@ -98,6 +98,29 @@ in
|
|||
EnvironmentFile = if cfg.adminCredentialsFile == null
|
||||
then defaultCredentials
|
||||
else cfg.adminCredentialsFile;
|
||||
# Hardening
|
||||
CapabilityBoundingSet = [ "" ];
|
||||
DeviceAllow = [ "" ];
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
PrivateDevices = true;
|
||||
PrivateUsers = true;
|
||||
ProcSubset = "pid";
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectProc = "invisible";
|
||||
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];
|
||||
UMask = "0077";
|
||||
};
|
||||
|
||||
environment = cfg.config;
|
||||
|
|
|
@ -22,7 +22,9 @@ let
|
|||
} // (optionalAttrs (vhostConfig.enableACME || vhostConfig.useACMEHost != null) {
|
||||
sslCertificate = "${certs.${certName}.directory}/fullchain.pem";
|
||||
sslCertificateKey = "${certs.${certName}.directory}/key.pem";
|
||||
sslTrustedCertificate = "${certs.${certName}.directory}/chain.pem";
|
||||
sslTrustedCertificate = if vhostConfig.sslTrustedCertificate != null
|
||||
then vhostConfig.sslTrustedCertificate
|
||||
else "${certs.${certName}.directory}/chain.pem";
|
||||
})
|
||||
) cfg.virtualHosts;
|
||||
enableIPv6 = config.networking.enableIPv6;
|
||||
|
|
|
@ -145,7 +145,7 @@ with lib;
|
|||
sslTrustedCertificate = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
example = "/var/root.cert";
|
||||
example = "\${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||
description = "Path to root SSL certificate for stapling and client certificates.";
|
||||
};
|
||||
|
||||
|
|
|
@ -1128,6 +1128,7 @@ in
|
|||
|
||||
users.groups.systemd-journal.gid = config.ids.gids.systemd-journal;
|
||||
users.users.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway;
|
||||
users.users.systemd-journal-gateway.group = "systemd-journal-gateway";
|
||||
users.groups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway;
|
||||
|
||||
# Generate timer units for all services that have a ‘startAt’ value.
|
||||
|
|
|
@ -8,10 +8,7 @@ let
|
|||
|
||||
etc' = filter (f: f.enable) (attrValues config.environment.etc);
|
||||
|
||||
etc = pkgs.runCommand "etc" {
|
||||
preferLocalBuild = true;
|
||||
allowSubstitutes = false;
|
||||
|
||||
etc = pkgs.runCommandLocal "etc" {
|
||||
# This is needed for the systemd module
|
||||
passthru.targets = map (x: x.target) etc';
|
||||
} /* sh */ ''
|
||||
|
|
|
@ -86,6 +86,7 @@ in
|
|||
|
||||
StateDirectory = "containerd";
|
||||
RuntimeDirectory = "containerd";
|
||||
RuntimeDirectoryPreserve = "yes";
|
||||
};
|
||||
unitConfig = {
|
||||
StartLimitBurst = "16";
|
||||
|
|
8
third_party/nixpkgs/nixos/tests/acme.nix
vendored
8
third_party/nixpkgs/nixos/tests/acme.nix
vendored
|
@ -105,9 +105,9 @@ in import ./make-test-python.nix ({ lib, ... }: {
|
|||
security.acme.certs."a.example.test".keyType = "ec384";
|
||||
security.acme.certs."a.example.test".postRun = ''
|
||||
set -euo pipefail
|
||||
touch test
|
||||
chown root:root test
|
||||
echo testing > test
|
||||
touch /home/test
|
||||
chown root:root /home/test
|
||||
echo testing > /home/test
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -383,7 +383,7 @@ in import ./make-test-python.nix ({ lib, ... }: {
|
|||
switch_to(webserver, "cert-change")
|
||||
webserver.wait_for_unit("acme-finished-a.example.test.target")
|
||||
check_connection_key_bits(client, "a.example.test", "384")
|
||||
webserver.succeed("grep testing /var/lib/acme/a.example.test/test")
|
||||
webserver.succeed("grep testing /home/test")
|
||||
# Clean to remove the testing file (and anything else messy we did)
|
||||
webserver.succeed("systemctl clean acme-a.example.test.service --what=state")
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/bazarr.nix
vendored
2
third_party/nixpkgs/nixos/tests/bazarr.nix
vendored
|
@ -7,7 +7,7 @@ let
|
|||
in
|
||||
{
|
||||
name = "bazarr";
|
||||
meta.maintainers = with maintainers; [ xwvvvvwx ];
|
||||
meta.maintainers = with maintainers; [ d-xo ];
|
||||
|
||||
nodes.machine =
|
||||
{ pkgs, ... }:
|
||||
|
|
6
third_party/nixpkgs/nixos/tests/nitter.nix
vendored
6
third_party/nixpkgs/nixos/tests/nitter.nix
vendored
|
@ -6,11 +6,13 @@ import ./make-test-python.nix ({ pkgs, ... }:
|
|||
|
||||
nodes.machine = {
|
||||
services.nitter.enable = true;
|
||||
# Test CAP_NET_BIND_SERVICE
|
||||
services.nitter.server.port = 80;
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
machine.wait_for_unit("nitter.service")
|
||||
machine.wait_for_open_port("8080")
|
||||
machine.succeed("curl --fail http://localhost:8080/")
|
||||
machine.wait_for_open_port("80")
|
||||
machine.succeed("curl --fail http://localhost:80/")
|
||||
'';
|
||||
})
|
||||
|
|
|
@ -8,7 +8,7 @@ import ../make-test-python.nix ({ pkgs, lib, ... }:
|
|||
{
|
||||
name = "wg-quick";
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ xwvvvvwx ];
|
||||
maintainers = [ d-xo ];
|
||||
};
|
||||
|
||||
nodes = {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
let
|
||||
cert = pkgs: pkgs.runCommandNoCC "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } ''
|
||||
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=example.com/CN=uploads.example.com/CN=conference.example.com'
|
||||
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=example.com/CN=uploads.example.com/CN=conference.example.com' -days 36500
|
||||
mkdir -p $out
|
||||
cp key.pem cert.pem $out
|
||||
'';
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
, stdenv
|
||||
, lib
|
||||
, fetchFromGitHub
|
||||
, fetchpatch
|
||||
, qmake
|
||||
, pkg-config
|
||||
, qttools
|
||||
|
@ -13,25 +12,16 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "bambootracker";
|
||||
version = "0.4.6";
|
||||
version = "0.5.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "rerrahkr";
|
||||
owner = "BambooTracker";
|
||||
repo = "BambooTracker";
|
||||
rev = "v${version}";
|
||||
sha256 = "0iddqfw951dw9xpl4w7310sl4z544507ppb12i8g4fzvlxfw2ifc";
|
||||
fetchSubmodules = true;
|
||||
sha256 = "1mpbvhsmrn0wdmxfp3n5dwv4474qlhy47r3vwc2jwdslq6vgl1fa";
|
||||
};
|
||||
|
||||
# TODO Remove when updating past 0.4.6
|
||||
# Fixes build failure on darwin
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "bambootracker-Add_braces_in_initialization_of_std-array.patch";
|
||||
url = "https://github.com/rerrahkr/BambooTracker/commit/0fc96c60c7ae6c2504ee696bb7dec979ac19717d.patch";
|
||||
sha256 = "1z28af46mqrgnyrr4i8883gp3wablkk8rijnj0jvpq01s4m2sfjn";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ qmake qttools pkg-config ];
|
||||
|
||||
buildInputs = [ qtbase rtaudio rtmidi ];
|
||||
|
@ -40,18 +30,20 @@ mkDerivation rec {
|
|||
|
||||
postConfigure = "make qmake_all";
|
||||
|
||||
# installs app bundle on darwin, re-extract the binary
|
||||
# wrapQtAppsHook fails to wrap mach-o binaries, manually call wrapper (https://github.com/NixOS/nixpkgs/issues/102044)
|
||||
# 1. installs app bundle on darwin, move to app bundle dir & link binary to bin
|
||||
# 2. wrapQtAppsHook fails to wrap mach-o binaries automatically, manually call wrapper
|
||||
# (see https://github.com/NixOS/nixpkgs/issues/102044)
|
||||
postInstall = lib.optionalString stdenv.hostPlatform.isDarwin ''
|
||||
mv $out/bin/BambooTracker{.app/Contents/MacOS/BambooTracker,}
|
||||
rm -r $out/bin/BambooTracker.app
|
||||
wrapQtApp $out/bin/BambooTracker
|
||||
mkdir -p $out/Applications
|
||||
mv $out/{bin,Applications}/BambooTracker.app
|
||||
wrapQtApp $out/Applications/BambooTracker.app/Contents/MacOS/BambooTracker
|
||||
ln -s $out/{Applications/BambooTracker.app/Contents/MacOS,bin}/BambooTracker
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "A tracker for YM2608 (OPNA) which was used in NEC PC-8801/9801 series computers";
|
||||
homepage = "https://rerrahkr.github.io/BambooTracker";
|
||||
license = licenses.gpl2Only;
|
||||
homepage = "https://bambootracker.github.io/BambooTracker/";
|
||||
license = licenses.gpl2Plus;
|
||||
platforms = platforms.all;
|
||||
maintainers = with maintainers; [ OPNA2608 ];
|
||||
};
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "boops";
|
||||
version = "1.6.0";
|
||||
version = "1.6.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "sjaehn";
|
||||
repo = "BOops";
|
||||
rev = version;
|
||||
sha256 = "sha256-7eNvt8PxIZCp83Y5XX5fBolBon4j+HPtu8wrgG8Miok=";
|
||||
sha256 = "sha256-rljUb0fj231MQh+7jTpjAsZm1QkNzfdSpcI1cS5fs/c=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
|
|
|
@ -8,11 +8,13 @@
|
|||
, gtk3
|
||||
, gst_all_1
|
||||
, gobject-introspection
|
||||
, libhandy
|
||||
, python3Packages
|
||||
, file
|
||||
, cairo
|
||||
, gettext
|
||||
, gnome
|
||||
, pantheon
|
||||
}:
|
||||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
|
@ -20,7 +22,7 @@ python3Packages.buildPythonApplication rec {
|
|||
format = "other"; # no setup.py
|
||||
|
||||
pname = "cozy";
|
||||
version = "0.7.2";
|
||||
version = "1.0.3";
|
||||
|
||||
# Temporary fix
|
||||
# See https://github.com/NixOS/nixpkgs/issues/57029
|
||||
|
@ -31,7 +33,7 @@ python3Packages.buildPythonApplication rec {
|
|||
owner = "geigi";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "0fmbddi4ga0bppwg3rm3yjmf7jgqc6zfslmavnr1pglbzkjhy9fs";
|
||||
sha256 = "0m0xiqpb87pwr3fhy0a4qxg67yjhwchcxj3x2anyy0li4inryxag";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -47,6 +49,8 @@ python3Packages.buildPythonApplication rec {
|
|||
cairo
|
||||
gettext
|
||||
gnome.adwaita-icon-theme
|
||||
libhandy
|
||||
pantheon.granite
|
||||
] ++ (with gst_all_1; [
|
||||
gstreamer
|
||||
gst-plugins-good
|
||||
|
@ -70,8 +74,7 @@ python3Packages.buildPythonApplication rec {
|
|||
];
|
||||
|
||||
postPatch = ''
|
||||
chmod +x meson/post_install.py
|
||||
patchShebangs meson/post_install.py
|
||||
patchShebangs meson/*.py
|
||||
'';
|
||||
|
||||
postInstall = ''
|
||||
|
|
|
@ -13,17 +13,17 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "helvum";
|
||||
version = "0.2.1";
|
||||
version = "0.3.0";
|
||||
|
||||
src = fetchFromGitLab {
|
||||
domain = "gitlab.freedesktop.org";
|
||||
owner = "ryuukyu";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "sha256-ZnpdGXK8N8c/s4qC2NXcn0Pdqrqr47iOWvVwXD9pn1A=";
|
||||
sha256 = "sha256-AlHCK4pWaoNjR0eflxHBsuVaaily/RvCbgJv/ByQZK4=";
|
||||
};
|
||||
|
||||
cargoSha256 = "sha256-2v2L20rUWftXdhhuE3wiRrDIuSg6VFxfpWYMRaMUyTU=";
|
||||
cargoSha256 = "sha256-mAhh12rGvQjs2xtm+OrtVv0fgG6qni/QM/oRYoFR7U8=";
|
||||
|
||||
nativeBuildInputs = [ clang copyDesktopItems pkg-config ];
|
||||
buildInputs = [ glib gtk4 pipewire ];
|
||||
|
|
|
@ -18,7 +18,7 @@ buildGoPackage rec {
|
|||
description = "Generate QRCode to connect apps to lnd Resources";
|
||||
license = licenses.mit;
|
||||
homepage = "https://github.com/LN-Zap/lndconnect";
|
||||
maintainers = [ maintainers.xwvvvvwx ];
|
||||
maintainers = [ maintainers.d-xo ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -25,6 +25,6 @@ buildGoModule rec {
|
|||
homepage = "https://github.com/ledgerwatch/turbo-geth/";
|
||||
description = "Ethereum node and geth fork focused on scalability and modularity";
|
||||
license = with licenses; [ lgpl3Plus gpl3Plus ];
|
||||
maintainers = with maintainers; [ xwvvvvwx ];
|
||||
maintainers = with maintainers; [ d-xo ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -10,11 +10,11 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "kdevelop";
|
||||
version = "5.6.1";
|
||||
version = "5.6.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://kde/stable/${pname}/${version}/src/${pname}-${version}.tar.xz";
|
||||
sha256 = "02ip5r67hjfpywkm3mz86n6wbqcr7996ifzfd2fyzsvm4998hi4y";
|
||||
sha256 = "sha256-D4a8P+U/dhwePj91RFd6DEFDO+i/8xDPLnKfdvQ2O/Y=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -2,20 +2,20 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "micro";
|
||||
version = "2.0.9";
|
||||
version = "2.0.10";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "zyedidia";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-8QtucdamxVwHuuhQhVQuvTNbqY5p97LKSB23617p4ow=";
|
||||
sha256 = "sha256-hVFmViwGXuYVAKaCkzK/LHjCi8AtLu0tsPpT61glxys=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
||||
subPackages = [ "cmd/micro" ];
|
||||
|
||||
vendorSha256 = "sha256-bkD125ePdKcVgmNilOMZgUK6A8KWxaBOGKs8AvvIboI=";
|
||||
vendorSha256 = "sha256-YcAKl4keizkbgQLAZGiCG3CGpNTNad8EvOJEXLX2s0s=";
|
||||
|
||||
buildFlagsArray = [ "-ldflags=-s -w -X github.com/zyedidia/micro/v2/internal/util.Version=${version} -X github.com/zyedidia/micro/v2/internal/util.CommitHash=${src.rev}" ];
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ let
|
|||
six
|
||||
];
|
||||
in mkDerivation rec {
|
||||
version = "3.16.7";
|
||||
version = "3.16.9";
|
||||
pname = "qgis";
|
||||
name = "${pname}-unwrapped-${version}";
|
||||
|
||||
|
@ -32,7 +32,7 @@ in mkDerivation rec {
|
|||
owner = "qgis";
|
||||
repo = "QGIS";
|
||||
rev = "final-${lib.replaceStrings [ "." ] [ "_" ] version}";
|
||||
sha256 = "0yvb2w83dplh0my72xljglq9a4a7qkfliwslav26lw4yqxr8mr0p";
|
||||
sha256 = "sha256-Y9WVgKEMOSMaXxfC9EQ8yqBYEj4XNL7YdMp8vjV55d0=";
|
||||
};
|
||||
|
||||
passthru = {
|
||||
|
|
|
@ -24,13 +24,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "akira";
|
||||
version = "0.0.14";
|
||||
version = "0.0.15";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "akiraux";
|
||||
repo = "Akira";
|
||||
rev = "v${version}";
|
||||
sha256 = "1zbb2bsc6v2rwrbigbkgrzfjmlj96s3ri73zbdcyqg4p08v1w4l6";
|
||||
sha256 = "sha256-2GhpxajymLVAl2P6vZ0+nuZK3ZRRktFswWkj7TP8eHI=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -56,13 +56,13 @@ assert builtins.all
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "imv";
|
||||
version = "4.2.0";
|
||||
version = "4.3.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "eXeC64";
|
||||
repo = "imv";
|
||||
rev = "v${version}";
|
||||
sha256 = "07pcpppmfvvj0czfvp1cyq03ha0jdj4whl13lzvw37q3vpxs5qqh";
|
||||
sha256 = "sha256-HP9W9US9e3YAXwCqiHV8NVqrO20SfQKcW3a6+r1XrIs=";
|
||||
};
|
||||
|
||||
mesonFlags = [
|
||||
|
|
|
@ -8,8 +8,6 @@ stdenv.mkDerivation {
|
|||
sha256 = "15qlvdfwbiclljj7075ycm78yzqahzrgl4ky8pymix5179acm05h";
|
||||
};
|
||||
|
||||
phases = [ "unpackPhase" "installPhase" ];
|
||||
|
||||
unpackPhase = ''
|
||||
tar -zxf $src
|
||||
'';
|
||||
|
|
|
@ -3,13 +3,13 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "AusweisApp2";
|
||||
version = "1.22.0";
|
||||
version = "1.22.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Governikus";
|
||||
repo = "AusweisApp2";
|
||||
rev = version;
|
||||
sha256 = "00isb8xcbm419nvxx2ri0n8x5d403733h2whjqjcd3hmpx3x4q1h";
|
||||
sha256 = "sha256-Oci1y6//45Gep4IS6Ym+v9MPCP5mOswAiWPkXqd+zR0=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake pkg-config ];
|
||||
|
|
|
@ -10,7 +10,8 @@ stdenv.mkDerivation {
|
|||
|
||||
nativeBuildInputs = [ unzip ];
|
||||
|
||||
phases = [ "buildPhase" ];
|
||||
dontUnpack = true;
|
||||
dontInstall = true;
|
||||
|
||||
buildPhase = ''
|
||||
mkdir -p "$out/avrdudess"
|
||||
|
|
|
@ -38,7 +38,7 @@ stdenv.mkDerivation rec {
|
|||
at-spi2-atk
|
||||
];
|
||||
|
||||
phases = "unpackPhase fixupPhase";
|
||||
dontInstall = true;
|
||||
|
||||
# change this to azuredatastudio-insiders for insiders releases
|
||||
edition = "azuredatastudio";
|
||||
|
|
|
@ -19,13 +19,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "cherrytree";
|
||||
version = "0.99.39";
|
||||
version = "0.99.40";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "giuspen";
|
||||
repo = "cherrytree";
|
||||
rev = version;
|
||||
sha256 = "sha256-QSRYtnZxLAaq42PvPd5+LxSzq/Hd/Cz5bquBTiGWnAE=";
|
||||
sha256 = "sha256-K1rf8/7kEpfLOPYJGh5U2eTnr5XCDhuc+seoUAKW7aE=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -29,13 +29,13 @@ with lib;
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "elogind";
|
||||
version = "243.7";
|
||||
version = "246.10";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "elogind";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "0cihdf7blhncm2359qxli24j9l3dkn15gjys5vpjwny80zlym5ma";
|
||||
sha256 = "sha256-+Nv6FL9Yjmfxs24+2mUTP//wbjzGUq4ftgJLfuEqBJg=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -11,7 +11,7 @@ stdenv.mkDerivation rec {
|
|||
sha256 = "18x3s3jrph8k3pc75jgwkfqazygpsx93zjxx68zms58my17cybh1";
|
||||
};
|
||||
|
||||
phases = [ "buildPhase" "installPhase" ];
|
||||
dontUnpack = true;
|
||||
|
||||
buildPhase = ''
|
||||
mkdir -p $out/bin $out/share/java
|
||||
|
|
58
third_party/nixpkgs/pkgs/applications/misc/fnott/default.nix
vendored
Normal file
58
third_party/nixpkgs/pkgs/applications/misc/fnott/default.nix
vendored
Normal file
|
@ -0,0 +1,58 @@
|
|||
{ stdenv
|
||||
, lib
|
||||
, fetchFromGitea
|
||||
, pkg-config
|
||||
, meson
|
||||
, ninja
|
||||
, scdoc
|
||||
, wayland-protocols
|
||||
, tllist
|
||||
, fontconfig
|
||||
, freetype
|
||||
, pixman
|
||||
, libpng
|
||||
, wayland
|
||||
, wlroots
|
||||
, dbus
|
||||
, fcft
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "fnott";
|
||||
version = "1.1.0";
|
||||
|
||||
src = fetchFromGitea {
|
||||
domain = "codeberg.org";
|
||||
owner = "dnkl";
|
||||
repo = "fnott";
|
||||
rev = version;
|
||||
sha256 = "sha256-gzU5AqjCIZlhLbnj/xuSGJ69ZhLv9zQxlM0Nn+MIX/U=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
pkg-config
|
||||
meson
|
||||
ninja
|
||||
scdoc
|
||||
wayland-protocols
|
||||
tllist
|
||||
];
|
||||
buildInputs = [
|
||||
fontconfig
|
||||
freetype
|
||||
pixman
|
||||
libpng
|
||||
wayland
|
||||
wlroots
|
||||
dbus
|
||||
fcft
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://codeberg.org/dnkl/fnott";
|
||||
description = "Keyboard driven and lightweight Wayland notification daemon for wlroots-based compositors.";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ polykernel ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
|
@ -1,22 +1,75 @@
|
|||
{ stdenv, lib, fetchzip, pkg-config, meson, ninja, wayland, pixman, cairo, librsvg, wayland-protocols, wlroots, libxkbcommon, scdoc, git, tllist, fcft}:
|
||||
{ stdenv
|
||||
, lib
|
||||
, fetchFromGitea
|
||||
, pkg-config
|
||||
, meson
|
||||
, ninja
|
||||
, wayland-scanner
|
||||
, wayland
|
||||
, pixman
|
||||
, wayland-protocols
|
||||
, libxkbcommon
|
||||
, scdoc
|
||||
, tllist
|
||||
, fcft
|
||||
, enableCairo ? true
|
||||
, enablePNG ? true
|
||||
, enableSVG ? true
|
||||
# Optional dependencies
|
||||
, cairo
|
||||
, librsvg
|
||||
, libpng
|
||||
}:
|
||||
|
||||
let
|
||||
# Courtesy of sternenseemann and FRidh, commit c9a7fdfcfb420be8e0179214d0d91a34f5974c54
|
||||
mesonFeatureFlag = opt: b: "-D${opt}=${if b then "enabled" else "disabled"}";
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "fuzzel";
|
||||
version = "1.6.1";
|
||||
|
||||
src = fetchzip {
|
||||
url = "https://codeberg.org/dnkl/fuzzel/archive/${version}.tar.gz";
|
||||
src = fetchFromGitea {
|
||||
domain = "codeberg.org";
|
||||
owner = "dnkl";
|
||||
repo = "fuzzel";
|
||||
rev = version;
|
||||
sha256 = "sha256-JW5sAlTprSRIdFbmSaUreGtNccERgQMGEW+WCSscYQk=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config meson ninja scdoc git ];
|
||||
buildInputs = [ wayland pixman cairo librsvg wayland-protocols wlroots libxkbcommon tllist fcft ];
|
||||
nativeBuildInputs = [
|
||||
pkg-config
|
||||
wayland-scanner
|
||||
meson
|
||||
ninja
|
||||
scdoc
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
wayland
|
||||
pixman
|
||||
wayland-protocols
|
||||
libxkbcommon
|
||||
tllist
|
||||
fcft
|
||||
] ++ lib.optional enableCairo cairo
|
||||
++ lib.optional enablePNG libpng
|
||||
++ lib.optional enableSVG librsvg;
|
||||
|
||||
mesonBuildType = "release";
|
||||
|
||||
mesonFlags = [
|
||||
(mesonFeatureFlag "enable-cairo" enableCairo)
|
||||
(mesonFeatureFlag "enable-png" enablePNG)
|
||||
(mesonFeatureFlag "enable-svg" enableSVG)
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Wayland-native application launcher, similar to rofi’s drun mode";
|
||||
homepage = "https://codeberg.org/dnkl/fuzzel";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ fionera ];
|
||||
maintainers = with maintainers; [ fionera polykernel ];
|
||||
platforms = with platforms; linux;
|
||||
changelog = "https://codeberg.org/dnkl/fuzzel/releases/tag/${version}";
|
||||
};
|
||||
|
|
|
@ -15,8 +15,6 @@ stdenv.mkDerivation rec {
|
|||
nativeBuildInputs = [ makeWrapper ];
|
||||
buildInputs = [ jre ];
|
||||
|
||||
phases = [ "unpackPhase" "installPhase" "fixupPhase" ];
|
||||
|
||||
installPhase = let
|
||||
|
||||
desktopItem = makeDesktopItem {
|
||||
|
|
|
@ -8,7 +8,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
phases = [ "installPhase" ];
|
||||
dontUnpack = true;
|
||||
|
||||
installPhase = let
|
||||
env = bundlerEnv {
|
||||
|
|
|
@ -4,7 +4,7 @@ stdenv.mkDerivation {
|
|||
pname = "example-unfree-package";
|
||||
version = "1.0";
|
||||
|
||||
phases = [ "installPhase" "fixupPhase" ];
|
||||
dontUnpack = true;
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
|
|
|
@ -55,7 +55,8 @@ let
|
|||
install -Dm444 ${appimageContents}/@joplinapp-desktop.desktop -t $out/share/applications
|
||||
install -Dm444 ${appimageContents}/@joplinapp-desktop.png -t $out/share/pixmaps
|
||||
substituteInPlace $out/share/applications/@joplinapp-desktop.desktop \
|
||||
--replace 'Exec=AppRun' 'Exec=${pname}'
|
||||
--replace 'Exec=AppRun' 'Exec=${pname}' \
|
||||
--replace 'Icon=joplin' "Icon=$out/share/pixmaps/@joplinapp-desktop.png"
|
||||
'';
|
||||
};
|
||||
|
||||
|
|
|
@ -3,11 +3,11 @@
|
|||
|
||||
with builtins; buildDotnetPackage rec {
|
||||
baseName = "keepass";
|
||||
version = "2.46";
|
||||
version = "2.48.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/keepass/KeePass-${version}-Source.zip";
|
||||
sha256 = "0zyclydgyg8nhwxrzw7x4f82975cqdmp12py33k6sballx6jhgiy";
|
||||
sha256 = "sha256-HkAgKPvf8TUgUlgsGWVgjuYJaRPGi8obOFQEtmzDtLE=";
|
||||
};
|
||||
|
||||
sourceRoot = ".";
|
||||
|
|
|
@ -3,11 +3,11 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "latte-dock";
|
||||
version = "0.9.12";
|
||||
version = "0.10.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://download.kde.org/stable/${pname}/${pname}-${version}.tar.xz";
|
||||
sha256 = "sha256-srivjGnrEizLvph7AP/02dOsnMyTnL3a6f0xm8oGML4=";
|
||||
sha256 = "04kq86qmrjbzidrkknj000pv1b5z0r7nfidhy2zv67ks8fdi4zln";
|
||||
name = "${pname}-${version}.tar.xz";
|
||||
};
|
||||
|
||||
|
|
|
@ -6,13 +6,16 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "opentx";
|
||||
version = "2.3.13";
|
||||
version = "2.3.14";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "opentx";
|
||||
repo = "opentx";
|
||||
rev = "release/${version}";
|
||||
sha256 = "sha256-Bi/Cz2T2NdtnJZHav8qvo+gErPsR8Ym7K3KcD5APt6Y=";
|
||||
# 2.3.14 release tag points to the commit before the one that updates the
|
||||
# version number.
|
||||
# rev = "release/${version}";
|
||||
rev = "1e09791a1e2fe2a0ca9835019d634a4c6a4fa3bf";
|
||||
sha256 = "0mhzp1j6nmqvkjxg8lv8xa637m1lavdsak30mdlq0g25dhwg6k92";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake gcc-arm-embedded python3Packages.pillow ];
|
||||
|
@ -41,7 +44,7 @@ mkDerivation rec {
|
|||
running radio simulators.
|
||||
'';
|
||||
homepage = "https://www.open-tx.org/";
|
||||
license = licenses.gpl2;
|
||||
license = licenses.gpl2Only;
|
||||
platforms = [ "i686-linux" "x86_64-linux" "aarch64-linux" ];
|
||||
maintainers = with maintainers; [ elitak lopsided98 ];
|
||||
};
|
||||
|
|
|
@ -1,46 +0,0 @@
|
|||
{ lib, fetchFromGitHub, python3Packages }:
|
||||
|
||||
with python3Packages;
|
||||
buildPythonApplication rec {
|
||||
version = "1.27.0";
|
||||
pname = "rtv";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "michael-lazar";
|
||||
repo = "rtv";
|
||||
rev = "v${version}";
|
||||
sha256 = "1hw7xy2kjxq7y3wcibcz4l7zj8icvigialqr17l362xry0y17y5j";
|
||||
};
|
||||
|
||||
# Tests try to access network
|
||||
doCheck = false;
|
||||
|
||||
checkPhase = ''
|
||||
py.test
|
||||
'';
|
||||
|
||||
checkInputs = [
|
||||
coverage
|
||||
coveralls
|
||||
docopt
|
||||
mock
|
||||
pylint
|
||||
pytest
|
||||
vcrpy
|
||||
];
|
||||
|
||||
propagatedBuildInputs = [
|
||||
beautifulsoup4
|
||||
decorator
|
||||
kitchen
|
||||
requests
|
||||
six
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/michael-lazar/rtv";
|
||||
description = "Browse Reddit from your Terminal";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ matthiasbeyer wedens ];
|
||||
};
|
||||
}
|
|
@ -4,7 +4,7 @@
|
|||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "smos-${version}";
|
||||
pname = "smos";
|
||||
version = "0.1.0";
|
||||
|
||||
src = fetchurl {
|
||||
|
@ -12,7 +12,8 @@ stdenv.mkDerivation rec {
|
|||
sha256 = "sha256:07yavk7xl92yjwwjdig90yq421n8ldv4fjfw7izd4hfpzw849a12";
|
||||
};
|
||||
|
||||
phases = [ "unpackPhase" ];
|
||||
dontInstall = true;
|
||||
|
||||
unpackCmd = "${unzip}/bin/unzip -d $out $curSrc";
|
||||
sourceRoot = ".";
|
||||
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "tut";
|
||||
version = "0.0.20";
|
||||
version = "0.0.26";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "RasmusLindroth";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "03jiv5m807z96796fbpi6ny22am3sq4jfni37fxbld05sxdzwcnd";
|
||||
sha256 = "1d4n55p9hl4c8i2yz3gq3r7kma7j32pr976dhd7xdwhxadvn3aal";
|
||||
};
|
||||
|
||||
vendorSha256 = "1in5b7ixnm5iizkzziqclvgaq87ccdh507amkgfhfy5sxsgbfb1g";
|
||||
vendorSha256 = "1zmwfgl1mayqcqk93368l94d6yah1qb0x11vf9b2x7zbzxzfshg9";
|
||||
|
||||
meta = with lib; {
|
||||
description = "A TUI for Mastodon with vim inspired keys";
|
||||
|
|
|
@ -7,16 +7,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "usql";
|
||||
version = "0.9.1";
|
||||
version = "0.9.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "xo";
|
||||
repo = "usql";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-fcKn4kHIRvMdgGFKDNQg49YxLc0Y5j/8VwKoDLiXbEU=";
|
||||
sha256 = "sha256-vLGoPttl7f4qCVM8e0F0llIODuNqJ7GxXqbUgokv7Qw=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-uAV8NLnqXjIDILfnbbkVr2BOIucQ8vX89KI5yIkVtus=";
|
||||
vendorSha256 = "sha256-sGECp1L6WzIPGbQbBoV1IrTgyy4/c95OLAmj9D0FjXs=";
|
||||
|
||||
buildInputs = [ unixODBC icu ];
|
||||
|
||||
|
|
|
@ -1,50 +1,64 @@
|
|||
{ stdenv
|
||||
, lib
|
||||
, fetchgit
|
||||
, fetchFromGitea
|
||||
, pkg-config
|
||||
, meson
|
||||
, ninja
|
||||
, pkg-config
|
||||
, git
|
||||
, scdoc
|
||||
, cairo
|
||||
, fcft
|
||||
, libpng
|
||||
, librsvg
|
||||
, libxkbcommon
|
||||
, pixman
|
||||
, tllist
|
||||
, wayland
|
||||
, wayland-scanner
|
||||
, wayland-protocols
|
||||
, wlroots
|
||||
, enablePNG ? true
|
||||
, enableJPEG ? true
|
||||
# Optional dependencies
|
||||
, libpng
|
||||
, libjpeg
|
||||
}:
|
||||
|
||||
let
|
||||
# Courtesy of sternenseemann and FRidh, commit c9a7fdfcfb420be8e0179214d0d91a34f5974c54
|
||||
mesonFeatureFlag = opt: b: "-D${opt}=${if b then "enabled" else "disabled"}";
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "wbg";
|
||||
version = "unstable-2020-08-01";
|
||||
version = "1.0.2";
|
||||
|
||||
src = fetchgit {
|
||||
url = "https://codeberg.org/dnkl/wbg";
|
||||
rev = "1b05bd80d0f40e3ba1e977002d0653f532649269";
|
||||
sha256 = "0i1j7aqvj0vl2ww5cvffqci1kjqjn0sw6sp2j0ljblaif6qk9asc";
|
||||
src = fetchFromGitea {
|
||||
domain = "codeberg.org";
|
||||
owner = "dnkl";
|
||||
repo = "wbg";
|
||||
rev = version;
|
||||
sha256 = "sha256-PKEOWRcSAB4Uv5TfameQIEZh6s6xCGdyoZ13etL1TKA=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config meson ninja scdoc git ];
|
||||
nativeBuildInputs = [
|
||||
pkg-config
|
||||
meson
|
||||
ninja
|
||||
wayland-scanner
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
cairo
|
||||
fcft
|
||||
libpng
|
||||
librsvg
|
||||
libxkbcommon
|
||||
pixman
|
||||
tllist
|
||||
wayland
|
||||
wayland-protocols
|
||||
wlroots
|
||||
] ++ lib.optional enablePNG libpng
|
||||
++ lib.optional enableJPEG libjpeg;
|
||||
|
||||
mesonBuildType = "release";
|
||||
|
||||
mesonFlags = [
|
||||
(mesonFeatureFlag "png" enablePNG)
|
||||
(mesonFeatureFlag "jpeg" enableJPEG)
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Wallpaper application for Wayland compositors";
|
||||
homepage = "https://codeberg.org/dnkl/wbg";
|
||||
changelog = "https://codeberg.org/dnkl/wbg/releases/tag/${version}";
|
||||
license = licenses.isc;
|
||||
maintainers = with maintainers; [ AndersonTorres ];
|
||||
platforms = with platforms; linux;
|
||||
|
|
|
@ -17,12 +17,12 @@ buildGoModule rec {
|
|||
|
||||
preBuild = ''
|
||||
make assets
|
||||
export buildFlagsArray=(
|
||||
"-ldflags=-s -w -X github.com/writeas/writefreely.softwareVer=${version}"
|
||||
"-tags='sqlite'"
|
||||
)
|
||||
'';
|
||||
|
||||
ldflags = [ "-s" "-w" "-X github.com/writeas/writefreely.softwareVer=${version}" ];
|
||||
|
||||
tags = [ "sqlite" ];
|
||||
|
||||
subPackages = [ "cmd/writefreely" ];
|
||||
|
||||
meta = with lib; {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ stdenv
|
||||
, lib
|
||||
, fetchgit
|
||||
, fetchFromGitea
|
||||
, pkg-config
|
||||
, meson
|
||||
, ninja
|
||||
|
@ -9,50 +9,75 @@
|
|||
, fcft
|
||||
, json_c
|
||||
, libmpdclient
|
||||
, libxcb
|
||||
, libyaml
|
||||
, pixman
|
||||
, tllist
|
||||
, udev
|
||||
, wayland
|
||||
, wayland-scanner
|
||||
, wayland-protocols
|
||||
, waylandSupport ? false
|
||||
# Xorg backend
|
||||
, libxcb
|
||||
, xcbutil
|
||||
, xcbutilcursor
|
||||
, xcbutilerrors
|
||||
, xcbutilwm
|
||||
}:
|
||||
|
||||
let
|
||||
# Courtesy of sternenseemann and FRidh, commit c9a7fdfcfb420be8e0179214d0d91a34f5974c54
|
||||
mesonFeatureFlag = opt: b: "-D${opt}=${if b then "enabled" else "disabled"}";
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "yambar";
|
||||
version = "1.6.2";
|
||||
|
||||
src = fetchgit {
|
||||
url = "https://codeberg.org/dnkl/yambar.git";
|
||||
src = fetchFromGitea {
|
||||
domain = "codeberg.org";
|
||||
owner = "dnkl";
|
||||
repo = "yambar";
|
||||
rev = version;
|
||||
sha256 = "sha256-oUNkaWrYIcsK2u+aeRg6DHmH4M1VZ0leNSM0lV9Yy1Y=";
|
||||
sha256 = "sha256-GPKR2BYl3ebxxXbVfH/oZLs7639EYwWU4ZsilJn0Ss8=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config meson ninja scdoc ];
|
||||
nativeBuildInputs = [
|
||||
pkg-config
|
||||
meson
|
||||
ninja
|
||||
scdoc
|
||||
wayland-scanner
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
alsa-lib
|
||||
fcft
|
||||
json_c
|
||||
libmpdclient
|
||||
libxcb
|
||||
libyaml
|
||||
pixman
|
||||
tllist
|
||||
udev
|
||||
wayland
|
||||
wayland-protocols
|
||||
] ++ lib.optionals (!waylandSupport) [
|
||||
xcbutil
|
||||
xcbutilcursor
|
||||
xcbutilerrors
|
||||
xcbutilwm
|
||||
];
|
||||
|
||||
mesonBuildType = "release";
|
||||
|
||||
mesonFlags = [
|
||||
(mesonFeatureFlag "backend-x11" (!waylandSupport))
|
||||
(mesonFeatureFlag "backend-wayland" waylandSupport)
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://codeberg.org/dnkl/yambar";
|
||||
changelog = "https://codeberg.org/dnkl/yambar/releases/tag/${version}";
|
||||
description = "Modular status panel for X11 and Wayland";
|
||||
longDescription = ''
|
||||
yambar is a lightweight and configurable status panel (bar, for short) for
|
||||
|
|
|
@ -2,17 +2,16 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "zola";
|
||||
version = "unstable-2021-07-14";
|
||||
version = "0.14.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "getzola";
|
||||
repo = pname;
|
||||
# unstable because the latest release fails to build
|
||||
rev = "312ffcb04c06c5f157b9fd2b944b858703238592";
|
||||
sha256 = "0i5zqs1gwxhvsynb540c3azfi4357igr4i5p0bi3h7ras2asas8w";
|
||||
rev = "v${version}";
|
||||
sha256 = "1mvin6pfqhsfhaifivbdi6qcn0dsa98w83m1n51q807gh4l1k2yj";
|
||||
};
|
||||
|
||||
cargoSha256 = "0g5z0s837cfwzral2zz0avp0xywyaa3l1adxg520qrnga7z0kbh8";
|
||||
cargoSha256 = "02bk399c7x15a5rkaz7ik65yihkfbjn1q46gx7l8hycqq7xb0xmg";
|
||||
|
||||
nativeBuildInputs = [ cmake pkg-config installShellFiles];
|
||||
buildInputs = [ openssl oniguruma ]
|
||||
|
@ -30,6 +29,7 @@ rustPlatform.buildRustPackage rec {
|
|||
meta = with lib; {
|
||||
description = "A fast static site generator with everything built-in";
|
||||
homepage = "https://www.getzola.org/";
|
||||
changelog = "https://github.com/getzola/zola/raw/v${version}/CHANGELOG.md";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ dandellion dywedir _0x4A6F ];
|
||||
# set because of unstable-* version
|
||||
|
|
|
@ -201,7 +201,6 @@ stdenv.mkDerivation {
|
|||
url = "http://www.mozilla.org/en-US/foundation/trademarks/policy/";
|
||||
};
|
||||
platforms = builtins.attrNames mozillaPlatforms;
|
||||
timeout = 86400; # 24 hours (increased from the Hydra default of 10h, c.f. #129115)
|
||||
maintainers = with maintainers; [ taku0 lovesegfault ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -21,6 +21,7 @@ rec {
|
|||
badPlatforms = lib.platforms.darwin;
|
||||
broken = stdenv.buildPlatform.is32bit; # since Firefox 60, build on 32-bit platforms fails with "out of memory".
|
||||
# not in `badPlatforms` because cross-compilation on 64-bit machine might work.
|
||||
maxSilent = 14400; # 4h, double the default of 7200s (c.f. #129212, #129115)
|
||||
license = lib.licenses.mpl20;
|
||||
};
|
||||
tests = [ nixosTests.firefox ];
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
, replace, fetchurl, zip, unzip, jq, xdg-utils, writeText
|
||||
|
||||
## various stuff that can be plugged in
|
||||
, ffmpeg, xorg, alsa-lib, libpulseaudio, libcanberra-gtk3, libglvnd, libnotify
|
||||
, ffmpeg, xorg, alsa-lib, libpulseaudio, libcanberra-gtk3, libglvnd, libnotify, opensc
|
||||
, gnome/*.gnome-shell*/
|
||||
, browserpass, chrome-gnome-shell, uget-integrator, plasma5Packages, bukubrow, pipewire
|
||||
, tridactyl-native
|
||||
|
@ -49,6 +49,8 @@ let
|
|||
gssSupport = browser.gssSupport or false;
|
||||
alsaSupport = browser.alsaSupport or false;
|
||||
pipewireSupport = browser.pipewireSupport or false;
|
||||
# PCSC-Lite daemon (services.pcscd) also must be enabled for firefox to access smartcards
|
||||
smartcardSupport = cfg.smartcardSupport or false;
|
||||
|
||||
nativeMessagingHosts =
|
||||
([ ]
|
||||
|
@ -70,6 +72,7 @@ let
|
|||
(with xorg; [ stdenv.cc libX11 libXxf86dga libXxf86vm libXext libXt alsa-lib zlib ])
|
||||
++ lib.optional (config.pulseaudio or true) libpulseaudio
|
||||
++ lib.optional alsaSupport alsa-lib
|
||||
++ lib.optional smartcardSupport opensc
|
||||
++ pkcs11Modules;
|
||||
gtk_modules = [ libcanberra-gtk3 ];
|
||||
|
||||
|
@ -120,6 +123,10 @@ let
|
|||
ret ++ [ "${e.outPath}/${e.extid}.xpi" ]
|
||||
) [] extensions;
|
||||
};
|
||||
} // lib.optionalAttrs smartcardSupport {
|
||||
SecurityDevices = {
|
||||
"OpenSC PKCS#11 Module" = "onepin-opensc-pkcs11.so";
|
||||
};
|
||||
}
|
||||
// extraPolicies;
|
||||
};
|
||||
|
|
|
@ -4,6 +4,8 @@
|
|||
, nix-update-script
|
||||
, cmake
|
||||
, pkg-config
|
||||
, fribidi
|
||||
, harfbuzz
|
||||
, libunistring
|
||||
, mpg123
|
||||
, openssl
|
||||
|
@ -15,27 +17,36 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "lagrange";
|
||||
version = "1.5.2";
|
||||
version = "1.6.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "skyjake";
|
||||
repo = "lagrange";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-NjiTjY2YuxUs/Wny7aDqHGw/2ML1fenjHrl089rLXFI=";
|
||||
sha256 = "sha256-YTWVBQt0X12UDFJv/rPBqlIBC4iXSvpdYi/HIl+BPxc=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
rm -r lib/fribidi lib/harfbuzz
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ cmake pkg-config ];
|
||||
|
||||
buildInputs = [ libunistring mpg123 openssl pcre SDL2 zlib ]
|
||||
buildInputs = [ fribidi harfbuzz libunistring mpg123 openssl pcre SDL2 zlib ]
|
||||
++ lib.optional stdenv.isDarwin AppKit;
|
||||
|
||||
hardeningDisable = lib.optional (!stdenv.cc.isClang) "format";
|
||||
|
||||
installPhase = if stdenv.isDarwin then ''
|
||||
cmakeFlags = [
|
||||
"-DENABLE_HARFBUZZ_MINIMAL:BOOL=OFF"
|
||||
"-DENABLE_FRIBIDI_BUILD:BOOL=OFF"
|
||||
];
|
||||
|
||||
installPhase = lib.optionalString stdenv.isDarwin ''
|
||||
mkdir -p $out/Applications
|
||||
mv Lagrange.app $out/Applications
|
||||
'' else null;
|
||||
'';
|
||||
|
||||
passthru = {
|
||||
updateScript = nix-update-script {
|
||||
|
|
|
@ -1,11 +1,16 @@
|
|||
{ lib, stdenv, buildPackages
|
||||
, fetchurl, pkg-config, ncurses, gzip
|
||||
, sslSupport ? true, openssl ? null
|
||||
{ lib
|
||||
, stdenv
|
||||
, buildPackages
|
||||
, fetchurl
|
||||
, pkg-config
|
||||
, ncurses
|
||||
, gzip
|
||||
, sslSupport ? true
|
||||
, openssl
|
||||
, nukeReferences
|
||||
, fetchpatch
|
||||
}:
|
||||
|
||||
assert sslSupport -> openssl != null;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "lynx";
|
||||
version = "2.8.9rel.1";
|
||||
|
@ -22,6 +27,14 @@ stdenv.mkDerivation rec {
|
|||
|
||||
hardeningEnable = [ "pie" ];
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "CVE-2021-38165.patch";
|
||||
url = "https://git.alpinelinux.org/aports/plain/main/lynx/CVE-2021-38165.patch?id=3400945dbbb8a87065360963e4caa0e17d3dcc61";
|
||||
sha256 = "1aykb9y2g2vdpbbpvjlm4r40x7py2yv6jbywwcqcxrlciqcw4x57";
|
||||
})
|
||||
];
|
||||
|
||||
configureFlags = [
|
||||
"--enable-default-colors"
|
||||
"--enable-widec"
|
||||
|
@ -32,7 +45,8 @@ stdenv.mkDerivation rec {
|
|||
nativeBuildInputs = [ nukeReferences ]
|
||||
++ lib.optional sslSupport pkg-config;
|
||||
|
||||
buildInputs = [ ncurses gzip ] ++ lib.optional sslSupport openssl.dev;
|
||||
buildInputs = [ ncurses gzip ]
|
||||
++ lib.optional sslSupport openssl;
|
||||
|
||||
# cfg_defs.h captures lots of references to build-only dependencies, derived
|
||||
# from config.cache.
|
||||
|
@ -44,6 +58,7 @@ stdenv.mkDerivation rec {
|
|||
meta = with lib; {
|
||||
description = "A text-mode web browser";
|
||||
homepage = "https://lynx.invisible-island.net/";
|
||||
maintainers = with maintainers; [ ];
|
||||
license = licenses.gpl2Plus;
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "cloudflared";
|
||||
version = "2021.7.4";
|
||||
version = "2021.8.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "cloudflare";
|
||||
repo = "cloudflared";
|
||||
rev = version;
|
||||
sha256 = "sha256-3HK7QLUhU6MUayRYec4LP2BfbwEsvtjtCf++o1cQsQw=";
|
||||
sha256 = "sha256-92Uq7hSqfsiES6dSCw4cotfLJ8TLRRO6QPkwQ8iv124=";
|
||||
};
|
||||
|
||||
vendorSha256 = null;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, buildGoModule, fetchFromGitHub, fetchzip, installShellFiles }:
|
||||
|
||||
let
|
||||
version = "0.16.1";
|
||||
version = "0.16.2";
|
||||
|
||||
manifests = fetchzip {
|
||||
url = "https://github.com/fluxcd/flux2/releases/download/v${version}/manifests.tar.gz";
|
||||
|
@ -19,10 +19,10 @@ buildGoModule rec {
|
|||
owner = "fluxcd";
|
||||
repo = "flux2";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-OjbyDg+3dSJco162NubK12pbmwib6uGlJQxVaJOzSig=";
|
||||
sha256 = "sha256-hP2HQI9Oc7IlzVS5r7yqGAgSgqECOSZVe2B3vO2sgKA=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-GPbuHv/Xi9sWWZ6SIlW8cm5bY1gTO41vygx2C8dEt0k=";
|
||||
vendorSha256 = "sha256-6ABnX0GV3HmhpUpPWS0bigubRqpXGoikEeQ/LqO6Ybs=";
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
||||
|
|
40
third_party/nixpkgs/pkgs/applications/networking/cluster/helm/chart-testing/default.nix
vendored
Normal file
40
third_party/nixpkgs/pkgs/applications/networking/cluster/helm/chart-testing/default.nix
vendored
Normal file
|
@ -0,0 +1,40 @@
|
|||
{ lib, buildGoModule, fetchFromGitHub }:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "chart-testing";
|
||||
version = "3.4.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "helm";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-c7Rjk2YZaQXyFwrDVwYgOCnq/F2ooIUVETXVn5FVlZE=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-1Py66ljDjJC38biJ25D8KnWEi3nXAVt9QSgyH1KkwHM=";
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace pkg/config/config.go \
|
||||
--replace "\"/etc/ct\"," "\"$out/etc/ct\","
|
||||
'';
|
||||
|
||||
ldflags = [
|
||||
"-w"
|
||||
"-s"
|
||||
"-X github.com/helm/chart-testing/v3/ct/cmd.Version=${version}"
|
||||
"-X github.com/helm/chart-testing/v3/ct/cmd.GitCommit=${src.rev}"
|
||||
"-X github.com/helm/chart-testing/v3/ct/cmd.BuildDate=19700101-00:00:00"
|
||||
];
|
||||
|
||||
postInstall = ''
|
||||
install -Dm644 -t $out/etc/ct etc/chart_schema.yaml
|
||||
install -Dm644 -t $out/etc/ct etc/lintconf.yaml
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "A tool for testing Helm charts";
|
||||
homepage = "https://github.com/helm/chart-testing";
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ atkinschang ];
|
||||
};
|
||||
}
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "k9s";
|
||||
version = "0.24.14";
|
||||
version = "0.24.15";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "derailed";
|
||||
repo = "k9s";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-Kw3TT8IeJT0y2vSd38/y7BRq7PxMH2tiXV4/lOn5INA=";
|
||||
sha256 = "sha256-ws5JC2/WkgwxKwYtP9xtFELRhztzL6tNSvopyeC6H0Q=";
|
||||
};
|
||||
|
||||
buildFlagsArray = ''
|
||||
|
@ -18,7 +18,7 @@ buildGoModule rec {
|
|||
-X github.com/derailed/k9s/cmd.commit=${src.rev}
|
||||
'';
|
||||
|
||||
vendorSha256 = "sha256-JBWQxRaMvIbUiOD7sJiZH1SHNCdysgh5FeSmYf+FdG4=";
|
||||
vendorSha256 = "sha256-T9khJeg5XPhVyUiu4gEEHZR6RgJF4P8LYFycqJglms8=";
|
||||
|
||||
doCheck = false;
|
||||
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "kpt";
|
||||
version = "0.38.0";
|
||||
version = "0.38.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "GoogleContainerTools";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-MBZa4LdpCZnVVbjzkYpPi9/CYGqVLeYy2N/AS1PSYBE=";
|
||||
sha256 = "sha256-gJAdxg/evsQ+mKsNx/migDMK5lCZ2qSrksbsGDr4fmU=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-P0cN8aw62nPD1OlUAw1E36YxptxtPqqruZfDDG4Ag2w=";
|
||||
vendorSha256 = "sha256-GvkT51JudEdPz6zbqyf5qY6P2AbsaSMbirnxXmza5aI=";
|
||||
|
||||
subPackages = [ "." ];
|
||||
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{ lib
|
||||
, buildGoModule
|
||||
, fetchFromGitHub
|
||||
, installShellFiles
|
||||
, makeWrapper
|
||||
, git
|
||||
, go
|
||||
|
@ -15,11 +14,11 @@ buildGoModule rec {
|
|||
owner = "kubernetes-sigs";
|
||||
repo = "kubebuilder";
|
||||
rev = "v${version}";
|
||||
sha256 = "1726j2b5jyvllvnk60g6px3g2jyyphd9pc4vgid45mis9b60sh8a";
|
||||
sha256 = "0bl5ff2cplal6hg75800crhyviamk1ws85sq60h4zg21hzf21y68";
|
||||
};
|
||||
vendorSha256 = "0zxyd950ksjswja64rfri5v2yaalfg6qmq8215ildgrcavl9974n";
|
||||
|
||||
subPackages = ["cmd" "pkg/..."];
|
||||
subPackages = ["cmd"];
|
||||
|
||||
preBuild = ''
|
||||
export buildFlagsArray+=("-ldflags=-X main.kubeBuilderVersion=v${version} \
|
||||
|
|
|
@ -28,11 +28,9 @@ buildGoModule rec {
|
|||
|
||||
buildInputs = lib.optionals stdenv.isLinux [ systemd ];
|
||||
|
||||
buildFlags = "-mod vendor" +
|
||||
lib.optionalString stdenv.isLinux " -tags journald";
|
||||
tags = lib.optionals stdenv.isLinux [ "journald" ];
|
||||
|
||||
buildFlagsArray = [
|
||||
"-ldflags="
|
||||
ldflags = [
|
||||
"-X k8s.io/${pname}/pkg/version.version=v${version}"
|
||||
];
|
||||
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "terragrunt";
|
||||
version = "0.31.1";
|
||||
version = "0.31.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "gruntwork-io";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-vc3DGYb3vp55LRguhg3nG5zH7w1lTFEI2bx7kNffvas=";
|
||||
sha256 = "sha256-I7S7B+mQxLdMWiLAkUIW39kXGU9k647OOhHysYotkfU=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-lBhLaYn8adgfCXQJBsIVuwnA0vY8+tgeqE+C669AV+A=";
|
||||
vendorSha256 = "sha256-CVWg2SvRO//xye05G3svGeqgaTKdRcoERrR7Tp0JZUo=";
|
||||
|
||||
doCheck = false;
|
||||
|
||||
|
|
56
third_party/nixpkgs/pkgs/applications/networking/gftp/default.nix
vendored
Normal file
56
third_party/nixpkgs/pkgs/applications/networking/gftp/default.nix
vendored
Normal file
|
@ -0,0 +1,56 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitHub
|
||||
, autoconf
|
||||
, automake
|
||||
, gettext
|
||||
, gtk
|
||||
, intltool
|
||||
, libtool
|
||||
, ncurses
|
||||
, openssl
|
||||
, pkg-config
|
||||
, readline
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "gftp";
|
||||
version = "2.7.0b";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "masneyb";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
hash = "sha256-cIB3SneYKavgdI8eTtM1qsOrBJJ0c7/3CEvNPishNog=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
autoconf
|
||||
automake
|
||||
gettext
|
||||
intltool
|
||||
libtool
|
||||
pkg-config
|
||||
];
|
||||
buildInputs = [
|
||||
gtk
|
||||
ncurses
|
||||
openssl
|
||||
readline
|
||||
];
|
||||
|
||||
hardeningDisable = [ "format" ];
|
||||
|
||||
preConfigure = ''
|
||||
./autogen.sh
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/masneyb/gftp";
|
||||
description = "GTK-based multithreaded FTP client for *nix-based machines";
|
||||
license = licenses.gpl2Plus;
|
||||
maintainers = with maintainers; [ AndersonTorres ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
# TODO: report the hardeningDisable to upstream
|
|
@ -15,6 +15,7 @@
|
|||
, enableSpelling ? true, gspell
|
||||
, enableUPnP ? true, gupnp-igd
|
||||
, enableOmemoPluginDependencies ? true
|
||||
, enableAppIndicator ? true, libappindicator-gtk3
|
||||
, extraPythonPackages ? ps: []
|
||||
}:
|
||||
|
||||
|
@ -33,7 +34,8 @@ python3.pkgs.buildPythonApplication rec {
|
|||
] ++ lib.optionals enableJingle [ farstream gstreamer gst-plugins-base gst-libav gst-plugins-good libnice ]
|
||||
++ lib.optional enableSecrets libsecret
|
||||
++ lib.optional enableSpelling gspell
|
||||
++ lib.optional enableUPnP gupnp-igd;
|
||||
++ lib.optional enableUPnP gupnp-igd
|
||||
++ lib.optional enableAppIndicator libappindicator-gtk3;
|
||||
|
||||
nativeBuildInputs = [
|
||||
gettext wrapGAppsHook
|
||||
|
|
|
@ -22,11 +22,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "insync";
|
||||
version = "3.2.4.40856";
|
||||
version = "3.3.5.40925";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://s.insynchq.com/builds/${pname}_${version}-focal_amd64.deb";
|
||||
sha256 = "1bvqbbrfn5784nmb2qaflm1rzczqhvghhb6y5zaxrapyhygxbcis";
|
||||
sha256 = "sha256-lYlG/8d7teX98F5eDxm4EdBfFs7Sz3Td4kKLC6KZqnQ=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{ stdenv
|
||||
, lib
|
||||
, rustPlatform
|
||||
, fetchpatch
|
||||
, fetchFromGitHub
|
||||
, pkg-config
|
||||
, dbus
|
||||
|
@ -11,23 +10,20 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "tiny";
|
||||
version = "0.8.0";
|
||||
version = "0.9.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "osa1";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "07a50shv6k4fwl2gmv4j0maxaqqkjpwwmqkxkqs0gvx38lc5f7m7";
|
||||
sha256 = "gKyHR3FZHDybaP38rqB8/gvr8T+mDO4QQxoTtWS+TlE=";
|
||||
};
|
||||
|
||||
cargoSha256 = "0npkcprcqy2pn7k64jzwg41vk9id6yzw211xw203h80cc5444igr";
|
||||
cargoSha256 = "0ChfW8vaqC2kCp4lpS0HOvhuihPw9G5TOmgwKzVDfws=";
|
||||
|
||||
# Fix Cargo.lock version. Remove with the next release.
|
||||
cargoPatches = [
|
||||
# Fix Cargo.lock version. Remove with the next release.
|
||||
(fetchpatch {
|
||||
url = "https://github.com/osa1/tiny/commit/b1caf48a6399dad8875de1d965d1ad445e49585d.patch";
|
||||
sha256 = "1zkjhx94nwmd69cfwwwzg51ipcwq01wyvgsmn0vq7iaa2h0d286i";
|
||||
})
|
||||
./fix-Cargo.lock.patch
|
||||
];
|
||||
|
||||
nativeBuildInputs = lib.optional stdenv.isLinux pkg-config;
|
||||
|
@ -38,6 +34,6 @@ rustPlatform.buildRustPackage rec {
|
|||
homepage = "https://github.com/osa1/tiny";
|
||||
changelog = "https://github.com/osa1/tiny/blob/v${version}/CHANGELOG.md";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ Br1ght0ne ];
|
||||
maintainers = with maintainers; [ Br1ght0ne vyp ];
|
||||
};
|
||||
}
|
||||
|
|
13
third_party/nixpkgs/pkgs/applications/networking/irc/tiny/fix-Cargo.lock.patch
vendored
Normal file
13
third_party/nixpkgs/pkgs/applications/networking/irc/tiny/fix-Cargo.lock.patch
vendored
Normal file
|
@ -0,0 +1,13 @@
|
|||
diff --git a/Cargo.lock b/Cargo.lock
|
||||
index 3a184dc..0e58cb1 100644
|
||||
--- a/Cargo.lock
|
||||
+++ b/Cargo.lock
|
||||
@@ -1023,7 +1023,7 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "tiny"
|
||||
-version = "0.8.0"
|
||||
+version = "0.9.0"
|
||||
dependencies = [
|
||||
"clap",
|
||||
"dirs 3.0.1",
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "juju";
|
||||
version = "2.9.9";
|
||||
version = "2.9.10";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "juju";
|
||||
repo = "juju";
|
||||
rev = "juju-${version}";
|
||||
sha256 = "sha256-36/fatztop2eB1z9DfnseQXw0Di3Wss72IfgdnKpsNU=";
|
||||
sha256 = "sha256-2gCJ6aN6uN0KtOVddLDry4pLhScSh4JHmdsFws59phk=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-MH9lZNc9KevovZJCN2nClmqJbRSwYoQ4Jb0CXqBBUd0=";
|
||||
vendorSha256 = "sha256-vFO3Rv+7CLIkl1qS4zp177GmerewfgmyjxEbzdt/RsE=";
|
||||
|
||||
# Disable tests because it attempts to use a mongodb instance
|
||||
doCheck = false;
|
||||
|
|
|
@ -3,11 +3,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "evolution-ews";
|
||||
version = "3.40.1";
|
||||
version = "3.40.3";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
|
||||
sha256 = "1kgxdacqqcq8yfkij6vyqlk5r4yqvw7gh7mxqii670hrn1mb2s50";
|
||||
sha256 = "ZAIE5rpPOyZT3VSPYOR143bP8Na7Kv0NQRhQ+p2oxJY=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake gettext intltool pkg-config ];
|
||||
|
|
|
@ -1,14 +1,12 @@
|
|||
{ lib, stdenv, fetchurl, jre, makeWrapper }:
|
||||
|
||||
with lib;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "6.8.9";
|
||||
version = "6.9.4";
|
||||
pname = "frostwire";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://dl.frostwire.com/frostwire/${version}/frostwire-${version}.amd64.tar.gz";
|
||||
sha256 = "0f5vyliwncryj6hj5xx0dycxycxddsn28n6zixjrn56jajijyl6q";
|
||||
sha256 = "sha256-sWvQDUJGytKA9/UbC7fOk6WhDtTqdhyRmW9GvHFMZh4=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
|
|
@ -26,13 +26,13 @@
|
|||
|
||||
let
|
||||
pname = "pcloud";
|
||||
version = "1.9.3";
|
||||
code = "XZh0QTXZIYkI66plpzLAJ4G2mwDvJFvKvEzy";
|
||||
version = "1.9.5";
|
||||
code = "XZy4VwXZjkvoMGM3x6kCTkIGLFYVKjqKbefX";
|
||||
|
||||
# Archive link's code thanks to: https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=pcloud-drive
|
||||
src = fetchzip {
|
||||
url = "https://api.pcloud.com/getpubzip?code=${code}&filename=${pname}-${version}.zip";
|
||||
hash = "sha256-NFbSYZRysRIg6q0aaDocpK7xJbiCWc1S0McXKlCRGjU=";
|
||||
hash = "sha256-GuO4wsSRT6WMlqYs2X+5oA7CykHb/NmhZ7UGA1FA6y4=";
|
||||
};
|
||||
|
||||
appimageContents = appimageTools.extractType2 {
|
||||
|
|
|
@ -23,8 +23,9 @@ buildGoModule rec {
|
|||
buildInputs = lib.optional enableCmount (if stdenv.isDarwin then macfuse-stubs else fuse);
|
||||
nativeBuildInputs = [ installShellFiles makeWrapper ];
|
||||
|
||||
buildFlagsArray = lib.optionals enableCmount [ "-tags=cmount" ]
|
||||
++ [ "-ldflags=-s -w -X github.com/rclone/rclone/fs.Version=${version}" ];
|
||||
tags = lib.optionals enableCmount [ "cmount" ];
|
||||
|
||||
ldflags = [ "-s" "-w" "-X github.com/rclone/rclone/fs.Version=${version}" ];
|
||||
|
||||
postInstall =
|
||||
let
|
||||
|
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "atlassian-cli";
|
||||
version = "9.5.0";
|
||||
version = "9.6.0";
|
||||
|
||||
src = fetchzip {
|
||||
url = "https://bobswift.atlassian.net/wiki/download/attachments/16285777/${pname}-${version}-distribution.zip";
|
||||
sha256 = "sha256-EAoydA2lg4K1gTgzn9patNw7pcCdU/OPfaEG1OfEJ18=";
|
||||
sha256 = "sha256-55ydhprVC9NdDMUrKbpSAEQBb9zRYgwOc7k8aP4R89A=";
|
||||
};
|
||||
|
||||
tools = [
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, stdenv, fetchurl, makeWrapper, jre }:
|
||||
|
||||
let
|
||||
version = "2020.2.6";
|
||||
version = "2021.2.1";
|
||||
majorVersion = builtins.substring 0 6 version;
|
||||
in
|
||||
|
||||
|
@ -11,7 +11,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
src = fetchurl {
|
||||
url = "http://download.flexibee.eu/download/${majorVersion}/${version}/${pname}-${version}.tar.gz";
|
||||
sha256 = "0vscz24sabk9xafywnx41rqhq6300ddsw1x95ibc7ghsgbkq80ja";
|
||||
sha256 = "sha256-WorRyfjWucV8UhAjvuW+22CRzPcz5tjXF7Has4wrLMI=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
|
|
@ -12,11 +12,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "grisbi";
|
||||
version = "2.0.1";
|
||||
version = "2.0.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/grisbi/${pname}-${version}.tar.bz2";
|
||||
sha256 = "sha256-hFLiVHyEekCP9btO75e5ni70ZcLhjbBGCBjF2gERIqs=";
|
||||
sha256 = "sha256-bCO82EWAf/kiMDdojA5goWeWiKWZNOGYixmIJQwovGM=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config wrapGAppsHook ];
|
||||
|
|
|
@ -1,21 +1,34 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, fetchpatch
|
||||
, python3Packages
|
||||
, wrapGAppsHook
|
||||
, gtk3
|
||||
, gobject-introspection
|
||||
, libcanberra-gtk3
|
||||
, poppler_gi
|
||||
, withGstreamer ? stdenv.isLinux
|
||||
, withVLC ? stdenv.isLinux
|
||||
}:
|
||||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "pympress";
|
||||
version = "1.5.1";
|
||||
version = "1.6.3";
|
||||
|
||||
src = python3Packages.fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "173d9scf2z29qg279jf33zcl7sgc3wp662fgpm943bn9667q18wf";
|
||||
sha256 = "sha256-f+OjE0x/3yfJYHCLB+on7TT7MJ2vNu87SHRi67qFDCM=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Should not be needed once v1.6.4 is released
|
||||
(fetchpatch {
|
||||
name = "fix-setuptools-version-parsing.patch";
|
||||
url = "https://github.com/Cimbali/pympress/commit/474514d71396ac065e210fd846e07ed1139602d0.diff";
|
||||
sha256 = "sha256-eiw54sjMrXrNrhtkAXxiSTatzoA0NDA03L+HpTDax58=";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
wrapGAppsHook
|
||||
];
|
||||
|
@ -23,16 +36,15 @@ python3Packages.buildPythonApplication rec {
|
|||
buildInputs = [
|
||||
gtk3
|
||||
gobject-introspection
|
||||
libcanberra-gtk3
|
||||
poppler_gi
|
||||
];
|
||||
] ++ lib.optional withGstreamer libcanberra-gtk3;
|
||||
|
||||
propagatedBuildInputs = with python3Packages; [
|
||||
pycairo
|
||||
pygobject3
|
||||
python-vlc
|
||||
setuptools
|
||||
watchdog
|
||||
];
|
||||
] ++ lib.optional withVLC python-vlc;
|
||||
|
||||
doCheck = false; # there are no tests
|
||||
|
||||
|
|
|
@ -18,11 +18,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "fldigi";
|
||||
version = "4.1.19";
|
||||
version = "4.1.20";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/${pname}/${pname}-${version}.tar.gz";
|
||||
sha256 = "0zvfkmvxi31ccbpxvimkcrqrkf3wzr1pgja2ny04srrakl8ff5c7";
|
||||
sha256 = "0f64pqijl3jlfmv00hkdxvn1wy5yy3zl33p6vf3fn1b91w590c2h";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue